Lucene search
K

2626 matches found

EUVD
EUVD
added 8 hours ago8 views

EUVD-2026-43253

A vulnerability was identified in pig-mesh Pig up to 3.9.2. Affected by this issue is some unknown functionality of the file \pig-master\pig-visual\pig-codegen\src\main\java\com\pig4cloud\pig\codegen\service\impl\GeneratorServiceImpl.java of the component pig-codegen. Such manipulation leads to...

6.5CVSS6.3AI score
Exploits0References6
EUVD
EUVD
added 8 hours ago6 views

EUVD-2026-43259

A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/PlanGiveOut.aspx. This manipulation of the argument httpOID causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be...

7.5CVSS6.7AI score
Exploits0References5
CVE
CVE
added yesterday13 views

CVE-2026-15509

Leantime up to 3.8.0 is affected by a vulnerability in the JSON-RPC Endpoint functions editUser/addUser where manipulating the role argument leads to improper authorization. The issue is exploitable remotely and has been publicly disclosed; vendor response was not provided. Affected impact includ...

6.5CVSS6.2AI score
Exploits0References5
EUVD
EUVD
added yesterday7 views

EUVD-2026-43246

A weakness has been identified in vnotex vnote up to 3.20.1. Impacted is an unknown function of the file /src/data/extra/web/js/markdownit.js of the component YAML Frontmatter. This manipulation of the argument pmetaData causes cross site scripting. The attack may be initiated remotely. The vendo...

5.1CVSS4.6AI score
Exploits0References4
EUVD
EUVD
added yesterday7 views

EUVD-2026-43222

A weakness has been identified in AstrBotDevs AstrBot up to 4.25.2. Affected by this vulnerability is the function getonlineplugins of the file astrbot/dashboard/routes/plugin.py of the component marketlist Endpoint. Executing a manipulation of the argument customregistry can lead to server-side...

6.5CVSS6.4AI score
Exploits0References6
EUVD
EUVD
added yesterday7 views

EUVD-2026-43219

A vulnerability was determined in SonicCloudOrg sonic-agent up to 2.7.2. This affects an unknown function of the file sonic-server-controller/src/main/java/org/cloud/sonic/controller/controller/ExchangeController.java of the component JWT Authentication Filter. This manipulation causes code...

7.5CVSS6.6AI score
Exploits0References5
EUVD
EUVD
added yesterday9 views

EUVD-2026-43218

A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...

6.5CVSS6.3AI score
Exploits0References5
CVE
CVE
added yesterday10 views

CVE-2026-15495

The vulnerability CVE-2026-15495 affects SonicCloudOrg sonic-agent up to version 2.7.2, specifically in the Android WebSocket Server component’s AndroidWSServer.java. The issue arises from manipulating the path argument, causing os command injection. It is remotely exploitable and has public disc...

6.5CVSS6.3AI score
Exploits0References6
EUVD
EUVD
added yesterday7 views

EUVD-2026-43213

A weakness has been identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. This affects an unknown part. This manipulation causes missing authentication. The attack is possible to be carried out remotely. This product adopts a rolling release strategy to maintain...

7.5CVSS6.7AI score0.00452EPSS
Exploits0References4
EUVD
EUVD
added yesterday6 views

EUVD-2026-43212

A security flaw has been discovered in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected by this issue is some unknown functionality of the file proses/add.php. The manipulation of the argument kodeproduk/kdcs results in sql injection. The attack can be executed...

7.5CVSS6.7AI score0.00494EPSS
Exploits0References4
EUVD
EUVD
added yesterday7 views

EUVD-2026-43204

A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown processing of the file /azcall/adm/gestaoloja/sis.php?t=consultar of the component HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to sql injection. The attack may be...

7.5CVSS5.9AI score0.00304EPSS
Exploits0References4
EUVD
EUVD
added yesterday9 views

EUVD-2026-43194

A vulnerability was determined in Eleveo Call Recording Software 9.7.0. This vulnerability affects unknown code of the file /callrec/composeEmailAction.do. Executing a manipulation can lead to improper authorization. The attack can be executed remotely. The exploit has been publicly disclosed and...

5.3CVSS5.9AI score0.00207EPSS
Exploits0References5
EUVD
EUVD
added yesterday7 views

EUVD-2026-43193

A vulnerability was found in Eleveo Call Recording Software 9.7.0. This affects an unknown part of the file /callrec/pcidssstatus.jsp. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been made public and could be used. Th...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References5
CVE
CVE
added 3 days ago7 views

CVE-2026-2397

CVE-2026-2397 describes an SQL injection in Adam Retail Automation Ltd.’s MobilMen 20T. Affected: MobilMen 20T from version v3 through 10072026. Root cause: improper neutralization of special elements used in an SQL command. Impact is high across confidentiality, integrity, and availability (CVSS...

9.8CVSS6.1AI score0.00265EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-2397 SQLi in AdamPOS' MobilMen 20T

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Adam Retail Automation Ltd. MobilMen 20T allows SQL Injection. This issue affects MobilMen 20T: from v3 through 10072026. NOTE: The vendor was contacted early about this disclosure but did not...

9.8CVSS0.00265EPSS
Exploits0References1
NVD
NVD
added 3 days ago12 views

CVE-2026-15377

A vulnerability was determined in Eleveo Call Recording Software 9.7.0. Affected by this vulnerability is an unknown functionality of the file /callrec/sendlogfile. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been publicly disclosed and m...

5.3CVSS0.00255EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-42953

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Webremium Istanbul Web Design Mezunum Satiyorum allows Stored XSS. This issue affects Mezunum Satiyorum: from 1.2.504 through 10072026. NOTE: The vendor was contacted early about this disclosure bu...

6.4CVSS6.1AI score0.00148EPSS
Exploits0References1
CVE
CVE
added 3 days ago8 views

CVE-2026-15377

Technical details about CVE-2026-15377 are not publicly available in the provided documents; monitor for future updates.

5.3CVSS5.9AI score0.00255EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-42945

A vulnerability was determined in Eleveo Call Recording Software 9.7.0. Affected by this vulnerability is an unknown functionality of the file /callrec/sendlogfile. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been publicly disclosed and m...

5.3CVSS5.9AI score0.00255EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago10 views

EUVD-2026-42917

A vulnerability was detected in Eleveo Call Recording Software 9.7.0. The impacted element is an unknown function of the file /callrec/userAddAction.do. Performing a manipulation of the argument role results in improper authorization. It is possible to initiate the attack remotely. The exploit is...

6.5CVSS6.5AI score0.00256EPSS
Exploits0References5
Rows per page
Query Builder